From 455c8c595321f4f4633d409894d61b2c966dd212 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Mon, 30 Sep 2024 17:59:48 +0000 Subject: [PATCH] Release preparation for version 2.19.1 --- cpp/ql/lib/CHANGELOG.md | 4 ++++ cpp/ql/lib/change-notes/released/2.0.1.md | 3 +++ cpp/ql/lib/codeql-pack.release.yml | 2 +- cpp/ql/lib/qlpack.yml | 2 +- cpp/ql/src/CHANGELOG.md | 10 ++++++-- .../1.2.4.md} | 7 +++--- cpp/ql/src/codeql-pack.release.yml | 2 +- cpp/ql/src/qlpack.yml | 2 +- .../ql/campaigns/Solorigate/lib/CHANGELOG.md | 4 ++++ .../lib/change-notes/released/1.7.26.md | 3 +++ .../Solorigate/lib/codeql-pack.release.yml | 2 +- csharp/ql/campaigns/Solorigate/lib/qlpack.yml | 2 +- .../ql/campaigns/Solorigate/src/CHANGELOG.md | 4 ++++ .../src/change-notes/released/1.7.26.md | 3 +++ .../Solorigate/src/codeql-pack.release.yml | 2 +- csharp/ql/campaigns/Solorigate/src/qlpack.yml | 2 +- csharp/ql/lib/CHANGELOG.md | 16 +++++++++++++ .../2024-09-10-ActiveThreatModelSource.md | 4 ---- .../change-notes/2024-09-16-accessor-mad.md | 4 ---- .../lib/change-notes/2024-09-16-delete-cil.md | 4 ---- .../2024-09-16-indexer-attributes.md | 4 ---- .../2024-09-19-reduced-dataflow-nodes.md | 4 ---- csharp/ql/lib/change-notes/released/3.0.0.md | 15 ++++++++++++ csharp/ql/lib/codeql-pack.release.yml | 2 +- csharp/ql/lib/qlpack.yml | 2 +- csharp/ql/src/CHANGELOG.md | 6 +++++ .../1.0.9.md} | 7 +++--- csharp/ql/src/codeql-pack.release.yml | 2 +- csharp/ql/src/qlpack.yml | 2 +- go/ql/consistency-queries/CHANGELOG.md | 4 ++++ .../change-notes/released/1.0.9.md | 3 +++ .../codeql-pack.release.yml | 2 +- go/ql/consistency-queries/qlpack.yml | 2 +- go/ql/lib/CHANGELOG.md | 24 +++++++++++++------ .../2024-09-10-ActiveThreatModelSource.md | 4 ---- .../2.1.0.md} | 11 ++++++--- go/ql/lib/codeql-pack.release.yml | 2 +- go/ql/lib/qlpack.yml | 2 +- go/ql/src/CHANGELOG.md | 6 +++++ .../1.1.0.md} | 7 +++--- go/ql/src/codeql-pack.release.yml | 2 +- go/ql/src/qlpack.yml | 2 +- java/ql/automodel/src/CHANGELOG.md | 4 ++++ .../src/change-notes/released/1.0.9.md | 3 +++ java/ql/automodel/src/codeql-pack.release.yml | 2 +- java/ql/automodel/src/qlpack.yml | 2 +- java/ql/lib/CHANGELOG.md | 16 ++++++++++++- .../2024-09-10-ActiveThreatModelSource.md | 4 ---- .../lib/change-notes/2024-09-16-nestedName.md | 4 ---- java/ql/lib/change-notes/2024-09-18-fields.md | 5 ---- .../change-notes/2024-09-20-kotlin-2.1.0.md | 4 ---- .../ql/lib/change-notes/2024-09-25-java-23.md | 4 ---- java/ql/lib/change-notes/released/4.1.0.md | 13 ++++++++++ java/ql/lib/codeql-pack.release.yml | 2 +- java/ql/lib/qlpack.yml | 2 +- java/ql/src/CHANGELOG.md | 6 +++++ .../2024-09-18-getInputStream-summary.md | 4 ---- java/ql/src/change-notes/released/1.1.6.md | 5 ++++ java/ql/src/codeql-pack.release.yml | 2 +- java/ql/src/qlpack.yml | 2 +- javascript/ql/lib/CHANGELOG.md | 4 ++++ .../ql/lib/change-notes/released/2.0.1.md | 3 +++ javascript/ql/lib/codeql-pack.release.yml | 2 +- javascript/ql/lib/qlpack.yml | 2 +- javascript/ql/src/CHANGELOG.md | 6 ++++- .../ql/src/change-notes/released/1.2.1.md | 3 +++ javascript/ql/src/codeql-pack.release.yml | 2 +- javascript/ql/src/qlpack.yml | 2 +- misc/suite-helpers/CHANGELOG.md | 4 ++++ .../change-notes/released/1.0.9.md | 3 +++ misc/suite-helpers/codeql-pack.release.yml | 2 +- misc/suite-helpers/qlpack.yml | 2 +- python/ql/lib/CHANGELOG.md | 10 ++++++++ .../2024-09-20-const-compare-gaurd.md | 4 ---- .../2.1.0.md} | 11 ++++++--- python/ql/lib/codeql-pack.release.yml | 2 +- python/ql/lib/qlpack.yml | 2 +- python/ql/src/CHANGELOG.md | 6 +++++ ...-08-26-Cors-misconfiguration-middleware.md | 4 ---- python/ql/src/change-notes/released/1.3.0.md | 5 ++++ python/ql/src/codeql-pack.release.yml | 2 +- python/ql/src/qlpack.yml | 2 +- ruby/ql/lib/CHANGELOG.md | 4 ++++ ruby/ql/lib/change-notes/released/2.0.1.md | 3 +++ ruby/ql/lib/codeql-pack.release.yml | 2 +- ruby/ql/lib/qlpack.yml | 2 +- ruby/ql/src/CHANGELOG.md | 4 ++++ ruby/ql/src/change-notes/released/1.1.4.md | 3 +++ ruby/ql/src/codeql-pack.release.yml | 2 +- ruby/ql/src/qlpack.yml | 2 +- shared/controlflow/CHANGELOG.md | 4 ++++ .../change-notes/released/1.0.9.md | 3 +++ shared/controlflow/codeql-pack.release.yml | 2 +- shared/controlflow/qlpack.yml | 2 +- shared/dataflow/CHANGELOG.md | 4 ++++ .../dataflow/change-notes/released/1.1.3.md | 3 +++ shared/dataflow/codeql-pack.release.yml | 2 +- shared/dataflow/qlpack.yml | 2 +- shared/mad/CHANGELOG.md | 4 ++++ shared/mad/change-notes/released/1.0.9.md | 3 +++ shared/mad/codeql-pack.release.yml | 2 +- shared/mad/qlpack.yml | 2 +- shared/rangeanalysis/CHANGELOG.md | 4 ++++ .../change-notes/released/1.0.9.md | 3 +++ shared/rangeanalysis/codeql-pack.release.yml | 2 +- shared/rangeanalysis/qlpack.yml | 2 +- shared/regex/CHANGELOG.md | 4 ++++ shared/regex/change-notes/released/1.0.9.md | 3 +++ shared/regex/codeql-pack.release.yml | 2 +- shared/regex/qlpack.yml | 2 +- shared/ssa/CHANGELOG.md | 4 ++++ shared/ssa/change-notes/released/1.0.9.md | 3 +++ shared/ssa/codeql-pack.release.yml | 2 +- shared/ssa/qlpack.yml | 2 +- shared/threat-models/CHANGELOG.md | 4 ++++ .../change-notes/released/1.0.9.md | 3 +++ shared/threat-models/codeql-pack.release.yml | 2 +- shared/threat-models/qlpack.yml | 2 +- shared/tutorial/CHANGELOG.md | 4 ++++ .../tutorial/change-notes/released/1.0.9.md | 3 +++ shared/tutorial/codeql-pack.release.yml | 2 +- shared/tutorial/qlpack.yml | 2 +- shared/typeflow/CHANGELOG.md | 4 ++++ .../typeflow/change-notes/released/1.0.9.md | 3 +++ shared/typeflow/codeql-pack.release.yml | 2 +- shared/typeflow/qlpack.yml | 2 +- shared/typetracking/CHANGELOG.md | 4 ++++ .../change-notes/released/1.0.9.md | 3 +++ shared/typetracking/codeql-pack.release.yml | 2 +- shared/typetracking/qlpack.yml | 2 +- shared/typos/CHANGELOG.md | 4 ++++ shared/typos/change-notes/released/1.0.9.md | 3 +++ shared/typos/codeql-pack.release.yml | 2 +- shared/typos/qlpack.yml | 2 +- shared/util/CHANGELOG.md | 4 ++++ shared/util/change-notes/released/1.0.9.md | 3 +++ shared/util/codeql-pack.release.yml | 2 +- shared/util/qlpack.yml | 2 +- shared/xml/CHANGELOG.md | 4 ++++ shared/xml/change-notes/released/1.0.9.md | 3 +++ shared/xml/codeql-pack.release.yml | 2 +- shared/xml/qlpack.yml | 2 +- shared/yaml/CHANGELOG.md | 4 ++++ shared/yaml/change-notes/released/1.0.9.md | 3 +++ shared/yaml/codeql-pack.release.yml | 2 +- shared/yaml/qlpack.yml | 2 +- swift/ql/lib/CHANGELOG.md | 6 +++++ .../2.0.1.md} | 7 +++--- swift/ql/lib/codeql-pack.release.yml | 2 +- swift/ql/lib/qlpack.yml | 2 +- swift/ql/src/CHANGELOG.md | 4 ++++ swift/ql/src/change-notes/released/1.0.9.md | 3 +++ swift/ql/src/codeql-pack.release.yml | 2 +- swift/ql/src/qlpack.yml | 2 +- 154 files changed, 412 insertions(+), 156 deletions(-) create mode 100644 cpp/ql/lib/change-notes/released/2.0.1.md rename cpp/ql/src/change-notes/{2024-09-26-wrong-number-format-arguments.md => released/1.2.4.md} (80%) create mode 100644 csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.26.md create mode 100644 csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.26.md delete mode 100644 csharp/ql/lib/change-notes/2024-09-10-ActiveThreatModelSource.md delete mode 100644 csharp/ql/lib/change-notes/2024-09-16-accessor-mad.md delete mode 100644 csharp/ql/lib/change-notes/2024-09-16-delete-cil.md delete mode 100644 csharp/ql/lib/change-notes/2024-09-16-indexer-attributes.md delete mode 100644 csharp/ql/lib/change-notes/2024-09-19-reduced-dataflow-nodes.md create mode 100644 csharp/ql/lib/change-notes/released/3.0.0.md rename csharp/ql/src/change-notes/{2024-09-25-attribute-collection-sink.md => released/1.0.9.md} (72%) create mode 100644 go/ql/consistency-queries/change-notes/released/1.0.9.md delete mode 100644 go/ql/lib/change-notes/2024-09-10-ActiveThreatModelSource.md rename go/ql/lib/change-notes/{2024-09-24-incorrectly-promoted-methods.md => released/2.1.0.md} (55%) rename go/ql/src/change-notes/{2024-09-24-incorrect-integer-conversion-query-precision.md => released/1.1.0.md} (84%) create mode 100644 java/ql/automodel/src/change-notes/released/1.0.9.md delete mode 100644 java/ql/lib/change-notes/2024-09-10-ActiveThreatModelSource.md delete mode 100644 java/ql/lib/change-notes/2024-09-16-nestedName.md delete mode 100644 java/ql/lib/change-notes/2024-09-18-fields.md delete mode 100644 java/ql/lib/change-notes/2024-09-20-kotlin-2.1.0.md delete mode 100644 java/ql/lib/change-notes/2024-09-25-java-23.md create mode 100644 java/ql/lib/change-notes/released/4.1.0.md delete mode 100644 java/ql/src/change-notes/2024-09-18-getInputStream-summary.md create mode 100644 java/ql/src/change-notes/released/1.1.6.md create mode 100644 javascript/ql/lib/change-notes/released/2.0.1.md create mode 100644 javascript/ql/src/change-notes/released/1.2.1.md create mode 100644 misc/suite-helpers/change-notes/released/1.0.9.md delete mode 100644 python/ql/lib/change-notes/2024-09-20-const-compare-gaurd.md rename python/ql/lib/change-notes/{2024-08-16-threat-models.md => released/2.1.0.md} (52%) delete mode 100644 python/ql/src/change-notes/2024-08-26-Cors-misconfiguration-middleware.md create mode 100644 python/ql/src/change-notes/released/1.3.0.md create mode 100644 ruby/ql/lib/change-notes/released/2.0.1.md create mode 100644 ruby/ql/src/change-notes/released/1.1.4.md create mode 100644 shared/controlflow/change-notes/released/1.0.9.md create mode 100644 shared/dataflow/change-notes/released/1.1.3.md create mode 100644 shared/mad/change-notes/released/1.0.9.md create mode 100644 shared/rangeanalysis/change-notes/released/1.0.9.md create mode 100644 shared/regex/change-notes/released/1.0.9.md create mode 100644 shared/ssa/change-notes/released/1.0.9.md create mode 100644 shared/threat-models/change-notes/released/1.0.9.md create mode 100644 shared/tutorial/change-notes/released/1.0.9.md create mode 100644 shared/typeflow/change-notes/released/1.0.9.md create mode 100644 shared/typetracking/change-notes/released/1.0.9.md create mode 100644 shared/typos/change-notes/released/1.0.9.md create mode 100644 shared/util/change-notes/released/1.0.9.md create mode 100644 shared/xml/change-notes/released/1.0.9.md create mode 100644 shared/yaml/change-notes/released/1.0.9.md rename swift/ql/lib/change-notes/{2024-09-16-final-classes.md => released/2.0.1.md} (83%) create mode 100644 swift/ql/src/change-notes/released/1.0.9.md diff --git a/cpp/ql/lib/CHANGELOG.md b/cpp/ql/lib/CHANGELOG.md index 9723b57f127a..5d39629f62b0 100644 --- a/cpp/ql/lib/CHANGELOG.md +++ b/cpp/ql/lib/CHANGELOG.md @@ -1,3 +1,7 @@ +## 2.0.1 + +No user-facing changes. + ## 2.0.0 ### Breaking Changes diff --git a/cpp/ql/lib/change-notes/released/2.0.1.md b/cpp/ql/lib/change-notes/released/2.0.1.md new file mode 100644 index 000000000000..b5b6d0dee915 --- /dev/null +++ b/cpp/ql/lib/change-notes/released/2.0.1.md @@ -0,0 +1,3 @@ +## 2.0.1 + +No user-facing changes. diff --git a/cpp/ql/lib/codeql-pack.release.yml b/cpp/ql/lib/codeql-pack.release.yml index 0abe6ccede0f..fe974a4dbf37 100644 --- a/cpp/ql/lib/codeql-pack.release.yml +++ b/cpp/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.0.0 +lastReleaseVersion: 2.0.1 diff --git a/cpp/ql/lib/qlpack.yml b/cpp/ql/lib/qlpack.yml index ed8138411292..f1a2ac3942f2 100644 --- a/cpp/ql/lib/qlpack.yml +++ b/cpp/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cpp-all -version: 2.0.1-dev +version: 2.0.1 groups: cpp dbscheme: semmlecode.cpp.dbscheme extractor: cpp diff --git a/cpp/ql/src/CHANGELOG.md b/cpp/ql/src/CHANGELOG.md index 05f179aa8447..8eaccb0404dc 100644 --- a/cpp/ql/src/CHANGELOG.md +++ b/cpp/ql/src/CHANGELOG.md @@ -1,9 +1,15 @@ +## 1.2.4 + +### Minor Analysis Improvements + +* Fixed false positives in the `cpp/wrong-number-format-arguments` ("Too few arguments to formatting function") query when the formatting function has been declared implicitly. + ## 1.2.3 ### Minor Analysis Improvements -* Removed false positives caused by buffer accesses in unreachable code. -* Removed false positives caused by inconsistent type checking. +* Removed false positives caused by buffer accesses in unreachable code +* Removed false positives caused by inconsistent type checking * Add modeling of C functions that don't throw, thereby increasing the precision of the `cpp/incorrect-allocation-error-handling` ("Incorrect allocation-error handling") query. The query now produces additional true positives. ## 1.2.2 diff --git a/cpp/ql/src/change-notes/2024-09-26-wrong-number-format-arguments.md b/cpp/ql/src/change-notes/released/1.2.4.md similarity index 80% rename from cpp/ql/src/change-notes/2024-09-26-wrong-number-format-arguments.md rename to cpp/ql/src/change-notes/released/1.2.4.md index 826a2365e24b..a603dc14047a 100644 --- a/cpp/ql/src/change-notes/2024-09-26-wrong-number-format-arguments.md +++ b/cpp/ql/src/change-notes/released/1.2.4.md @@ -1,4 +1,5 @@ ---- -category: minorAnalysis ---- +## 1.2.4 + +### Minor Analysis Improvements + * Fixed false positives in the `cpp/wrong-number-format-arguments` ("Too few arguments to formatting function") query when the formatting function has been declared implicitly. diff --git a/cpp/ql/src/codeql-pack.release.yml b/cpp/ql/src/codeql-pack.release.yml index 09a7400b5941..172090f46b6d 100644 --- a/cpp/ql/src/codeql-pack.release.yml +++ b/cpp/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.2.3 +lastReleaseVersion: 1.2.4 diff --git a/cpp/ql/src/qlpack.yml b/cpp/ql/src/qlpack.yml index 0715feb8e013..e541f95cd85f 100644 --- a/cpp/ql/src/qlpack.yml +++ b/cpp/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cpp-queries -version: 1.2.4-dev +version: 1.2.4 groups: - cpp - queries diff --git a/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md b/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md index c469ca5f4ffc..989d5e74408f 100644 --- a/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md +++ b/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.7.26 + +No user-facing changes. + ## 1.7.25 No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.26.md b/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.26.md new file mode 100644 index 000000000000..468fc7681dfb --- /dev/null +++ b/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.26.md @@ -0,0 +1,3 @@ +## 1.7.26 + +No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml b/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml index 317528bce5fc..ca4c34e70d1b 100644 --- a/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml +++ b/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.7.25 +lastReleaseVersion: 1.7.26 diff --git a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml index ca0697ac40be..871d2ed3619a 100644 --- a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml +++ b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-solorigate-all -version: 1.7.26-dev +version: 1.7.26 groups: - csharp - solorigate diff --git a/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md b/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md index c469ca5f4ffc..989d5e74408f 100644 --- a/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md +++ b/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.7.26 + +No user-facing changes. + ## 1.7.25 No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.26.md b/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.26.md new file mode 100644 index 000000000000..468fc7681dfb --- /dev/null +++ b/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.26.md @@ -0,0 +1,3 @@ +## 1.7.26 + +No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml b/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml index 317528bce5fc..ca4c34e70d1b 100644 --- a/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml +++ b/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.7.25 +lastReleaseVersion: 1.7.26 diff --git a/csharp/ql/campaigns/Solorigate/src/qlpack.yml b/csharp/ql/campaigns/Solorigate/src/qlpack.yml index 221eca049fe5..00c3209afe98 100644 --- a/csharp/ql/campaigns/Solorigate/src/qlpack.yml +++ b/csharp/ql/campaigns/Solorigate/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-solorigate-queries -version: 1.7.26-dev +version: 1.7.26 groups: - csharp - solorigate diff --git a/csharp/ql/lib/CHANGELOG.md b/csharp/ql/lib/CHANGELOG.md index f27c109e2693..7e8378798830 100644 --- a/csharp/ql/lib/CHANGELOG.md +++ b/csharp/ql/lib/CHANGELOG.md @@ -1,3 +1,19 @@ +## 3.0.0 + +### Breaking Changes + +* C#: Add support for MaD directly on properties and indexers using *attributes*. Using `Attribute.Getter` or `Attribute.Setter` in the model `ext` field applies the model to the getter or setter for properties and indexers. Prior to this change `Attribute` models unintentionally worked for property setters (if the property is decorated with the matching attribute). That is, a model that uses the `Attribute` feature directly on a property for a property setter needs to be changed to `Attribute.Setter`. +* C#: Remove all CIL tables and related QL library functionality. + +### Deprecated APIs + +* The class `ThreatModelFlowSource` has been renamed to `ActiveThreatModelSource` to more clearly reflect it only contains the currently active threat model sources. `ThreatModelFlowSource` has been marked as deprecated. + +### Minor Analysis Improvements + +* `DataFlow::Node` instances are no longer created for library methods and fields that are not callable (either statically or dynamically) or otherwise referred to from source code. This may affect third-party queries that use these nodes to identify library methods or fields that are present in DLL files where those methods or fields are unreferenced. If this presents a problem, consider using `Callable` and other non-dataflow classes to identify such library entities. +* C#: Add extractor support for attributes on indexers. + ## 2.0.0 ### Breaking Changes diff --git a/csharp/ql/lib/change-notes/2024-09-10-ActiveThreatModelSource.md b/csharp/ql/lib/change-notes/2024-09-10-ActiveThreatModelSource.md deleted file mode 100644 index a51e3e1deaf0..000000000000 --- a/csharp/ql/lib/change-notes/2024-09-10-ActiveThreatModelSource.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: deprecated ---- -* The class `ThreatModelFlowSource` has been renamed to `ActiveThreatModelSource` to more clearly reflect it only contains the currently active threat model sources. `ThreatModelFlowSource` has been marked as deprecated. diff --git a/csharp/ql/lib/change-notes/2024-09-16-accessor-mad.md b/csharp/ql/lib/change-notes/2024-09-16-accessor-mad.md deleted file mode 100644 index 3ccdcffef24b..000000000000 --- a/csharp/ql/lib/change-notes/2024-09-16-accessor-mad.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: breaking ---- -* C#: Add support for MaD directly on properties and indexers using *attributes*. Using `Attribute.Getter` or `Attribute.Setter` in the model `ext` field applies the model to the getter or setter for properties and indexers. Prior to this change `Attribute` models unintentionally worked for property setters (if the property is decorated with the matching attribute). That is, a model that uses the `Attribute` feature directly on a property for a property setter needs to be changed to `Attribute.Setter`. diff --git a/csharp/ql/lib/change-notes/2024-09-16-delete-cil.md b/csharp/ql/lib/change-notes/2024-09-16-delete-cil.md deleted file mode 100644 index 288fc29e5cb9..000000000000 --- a/csharp/ql/lib/change-notes/2024-09-16-delete-cil.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: breaking ---- -* C#: Remove all CIL tables and related QL library functionality. diff --git a/csharp/ql/lib/change-notes/2024-09-16-indexer-attributes.md b/csharp/ql/lib/change-notes/2024-09-16-indexer-attributes.md deleted file mode 100644 index 4d1fbee6d4cb..000000000000 --- a/csharp/ql/lib/change-notes/2024-09-16-indexer-attributes.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* C#: Add extractor support for attributes on indexers. diff --git a/csharp/ql/lib/change-notes/2024-09-19-reduced-dataflow-nodes.md b/csharp/ql/lib/change-notes/2024-09-19-reduced-dataflow-nodes.md deleted file mode 100644 index da1c4cc54bc7..000000000000 --- a/csharp/ql/lib/change-notes/2024-09-19-reduced-dataflow-nodes.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* `DataFlow::Node` instances are no longer created for library methods and fields that are not callable (either statically or dynamically) or otherwise referred to from source code. This may affect third-party queries that use these nodes to identify library methods or fields that are present in DLL files where those methods or fields are unreferenced. If this presents a problem, consider using `Callable` and other non-dataflow classes to identify such library entities. diff --git a/csharp/ql/lib/change-notes/released/3.0.0.md b/csharp/ql/lib/change-notes/released/3.0.0.md new file mode 100644 index 000000000000..1042cc6d7248 --- /dev/null +++ b/csharp/ql/lib/change-notes/released/3.0.0.md @@ -0,0 +1,15 @@ +## 3.0.0 + +### Breaking Changes + +* C#: Add support for MaD directly on properties and indexers using *attributes*. Using `Attribute.Getter` or `Attribute.Setter` in the model `ext` field applies the model to the getter or setter for properties and indexers. Prior to this change `Attribute` models unintentionally worked for property setters (if the property is decorated with the matching attribute). That is, a model that uses the `Attribute` feature directly on a property for a property setter needs to be changed to `Attribute.Setter`. +* C#: Remove all CIL tables and related QL library functionality. + +### Deprecated APIs + +* The class `ThreatModelFlowSource` has been renamed to `ActiveThreatModelSource` to more clearly reflect it only contains the currently active threat model sources. `ThreatModelFlowSource` has been marked as deprecated. + +### Minor Analysis Improvements + +* `DataFlow::Node` instances are no longer created for library methods and fields that are not callable (either statically or dynamically) or otherwise referred to from source code. This may affect third-party queries that use these nodes to identify library methods or fields that are present in DLL files where those methods or fields are unreferenced. If this presents a problem, consider using `Callable` and other non-dataflow classes to identify such library entities. +* C#: Add extractor support for attributes on indexers. diff --git a/csharp/ql/lib/codeql-pack.release.yml b/csharp/ql/lib/codeql-pack.release.yml index 0abe6ccede0f..33d3a2cd1139 100644 --- a/csharp/ql/lib/codeql-pack.release.yml +++ b/csharp/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.0.0 +lastReleaseVersion: 3.0.0 diff --git a/csharp/ql/lib/qlpack.yml b/csharp/ql/lib/qlpack.yml index 9fdd0511ccd0..a8e9c68cfb44 100644 --- a/csharp/ql/lib/qlpack.yml +++ b/csharp/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-all -version: 2.0.1-dev +version: 3.0.0 groups: csharp dbscheme: semmlecode.csharp.dbscheme extractor: csharp diff --git a/csharp/ql/src/CHANGELOG.md b/csharp/ql/src/CHANGELOG.md index c1d05cc119ef..4c162b64d8f7 100644 --- a/csharp/ql/src/CHANGELOG.md +++ b/csharp/ql/src/CHANGELOG.md @@ -1,3 +1,9 @@ +## 1.0.9 + +### Minor Analysis Improvements + +* C#: The indexer and `Add` method on `System.Web.UI.AttributeCollection` is no longer considered an HTML sink. + ## 1.0.8 No user-facing changes. diff --git a/csharp/ql/src/change-notes/2024-09-25-attribute-collection-sink.md b/csharp/ql/src/change-notes/released/1.0.9.md similarity index 72% rename from csharp/ql/src/change-notes/2024-09-25-attribute-collection-sink.md rename to csharp/ql/src/change-notes/released/1.0.9.md index 35e959f6f3db..85944dc2a71d 100644 --- a/csharp/ql/src/change-notes/2024-09-25-attribute-collection-sink.md +++ b/csharp/ql/src/change-notes/released/1.0.9.md @@ -1,4 +1,5 @@ ---- -category: minorAnalysis ---- +## 1.0.9 + +### Minor Analysis Improvements + * C#: The indexer and `Add` method on `System.Web.UI.AttributeCollection` is no longer considered an HTML sink. diff --git a/csharp/ql/src/codeql-pack.release.yml b/csharp/ql/src/codeql-pack.release.yml index 5c55fbd52ed1..fb813c5ee050 100644 --- a/csharp/ql/src/codeql-pack.release.yml +++ b/csharp/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.8 +lastReleaseVersion: 1.0.9 diff --git a/csharp/ql/src/qlpack.yml b/csharp/ql/src/qlpack.yml index 363cfe14e3d1..82e9607d7ab7 100644 --- a/csharp/ql/src/qlpack.yml +++ b/csharp/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-queries -version: 1.0.9-dev +version: 1.0.9 groups: - csharp - queries diff --git a/go/ql/consistency-queries/CHANGELOG.md b/go/ql/consistency-queries/CHANGELOG.md index 7e87aa463576..9589b67148fa 100644 --- a/go/ql/consistency-queries/CHANGELOG.md +++ b/go/ql/consistency-queries/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.9 + +No user-facing changes. + ## 1.0.8 No user-facing changes. diff --git a/go/ql/consistency-queries/change-notes/released/1.0.9.md b/go/ql/consistency-queries/change-notes/released/1.0.9.md new file mode 100644 index 000000000000..ee073f7ec16d --- /dev/null +++ b/go/ql/consistency-queries/change-notes/released/1.0.9.md @@ -0,0 +1,3 @@ +## 1.0.9 + +No user-facing changes. diff --git a/go/ql/consistency-queries/codeql-pack.release.yml b/go/ql/consistency-queries/codeql-pack.release.yml index 5c55fbd52ed1..fb813c5ee050 100644 --- a/go/ql/consistency-queries/codeql-pack.release.yml +++ b/go/ql/consistency-queries/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.8 +lastReleaseVersion: 1.0.9 diff --git a/go/ql/consistency-queries/qlpack.yml b/go/ql/consistency-queries/qlpack.yml index b7a6550ede1a..9800f5090fac 100644 --- a/go/ql/consistency-queries/qlpack.yml +++ b/go/ql/consistency-queries/qlpack.yml @@ -1,5 +1,5 @@ name: codeql-go-consistency-queries -version: 1.0.9-dev +version: 1.0.9 groups: - go - queries diff --git a/go/ql/lib/CHANGELOG.md b/go/ql/lib/CHANGELOG.md index 6fe67e276c31..a9a8190e6acc 100644 --- a/go/ql/lib/CHANGELOG.md +++ b/go/ql/lib/CHANGELOG.md @@ -1,3 +1,13 @@ +## 2.1.0 + +### Deprecated APIs + +* The class `ThreatModelFlowSource` has been renamed to `ActiveThreatModelSource` to more clearly reflect it only contains the currently active threat model sources. `ThreatModelFlowSource` has been marked as deprecated. + +### Minor Analysis Improvements + +* A method in the method set of an embedded field of a struct should not be promoted to the method set of the struct if the struct has a method with the same name. This was not being enforced, which meant that there were two methods with the same qualified name, and models were sometimes being applied when they shouldn't have been. This has now been fixed. + ## 2.0.0 ### Breaking Changes @@ -9,13 +19,13 @@ * When a function or type has more than one anonymous type parameters, they were mistakenly being treated as the same type parameter. This has now been fixed. * Local source models for reading and parsing environment variables have been added for the following libraries: - * `os` - * `syscall` - * `github.com/caarlos0/env` - * `github.com/gobuffalo/envy` - * `github.com/hashicorp/go-envparse` - * `github.com/joho/godotenv` - * `github.com/kelseyhightower/envconfig` + * os + * syscall + * github.com/caarlos0/env + * github.com/gobuffalo/envy + * github.com/hashicorp/go-envparse + * github.com/joho/godotenv + * github.com/kelseyhightower/envconfig * Local source models have been added for the APIs which open files in the `io/fs`, `io/ioutil` and `os` packages in the Go standard library. You can optionally include threat models as appropriate when using the CodeQL CLI and in GitHub code scanning. For more information, see [Analyzing your code with CodeQL queries](https://docs.github.com/code-security/codeql-cli/getting-started-with-the-codeql-cli/analyzing-your-code-with-codeql-queries#including-model-packs-to-add-potential-sources-of-tainted-data>) and [Customizing your advanced setup for code scanning](https://docs.github.com/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning#extending-codeql-coverage-with-threat-models). ### Bug Fixes diff --git a/go/ql/lib/change-notes/2024-09-10-ActiveThreatModelSource.md b/go/ql/lib/change-notes/2024-09-10-ActiveThreatModelSource.md deleted file mode 100644 index a51e3e1deaf0..000000000000 --- a/go/ql/lib/change-notes/2024-09-10-ActiveThreatModelSource.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: deprecated ---- -* The class `ThreatModelFlowSource` has been renamed to `ActiveThreatModelSource` to more clearly reflect it only contains the currently active threat model sources. `ThreatModelFlowSource` has been marked as deprecated. diff --git a/go/ql/lib/change-notes/2024-09-24-incorrectly-promoted-methods.md b/go/ql/lib/change-notes/released/2.1.0.md similarity index 55% rename from go/ql/lib/change-notes/2024-09-24-incorrectly-promoted-methods.md rename to go/ql/lib/change-notes/released/2.1.0.md index 32802982b75e..2feedfb0c15d 100644 --- a/go/ql/lib/change-notes/2024-09-24-incorrectly-promoted-methods.md +++ b/go/ql/lib/change-notes/released/2.1.0.md @@ -1,4 +1,9 @@ ---- -category: minorAnalysis ---- +## 2.1.0 + +### Deprecated APIs + +* The class `ThreatModelFlowSource` has been renamed to `ActiveThreatModelSource` to more clearly reflect it only contains the currently active threat model sources. `ThreatModelFlowSource` has been marked as deprecated. + +### Minor Analysis Improvements + * A method in the method set of an embedded field of a struct should not be promoted to the method set of the struct if the struct has a method with the same name. This was not being enforced, which meant that there were two methods with the same qualified name, and models were sometimes being applied when they shouldn't have been. This has now been fixed. diff --git a/go/ql/lib/codeql-pack.release.yml b/go/ql/lib/codeql-pack.release.yml index 0abe6ccede0f..487a1a58b2b8 100644 --- a/go/ql/lib/codeql-pack.release.yml +++ b/go/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.0.0 +lastReleaseVersion: 2.1.0 diff --git a/go/ql/lib/qlpack.yml b/go/ql/lib/qlpack.yml index d86c9a07eed9..b6987a250d1a 100644 --- a/go/ql/lib/qlpack.yml +++ b/go/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/go-all -version: 2.0.1-dev +version: 2.1.0 groups: go dbscheme: go.dbscheme extractor: go diff --git a/go/ql/src/CHANGELOG.md b/go/ql/src/CHANGELOG.md index cf6d235f496b..69a5ed3e9f83 100644 --- a/go/ql/src/CHANGELOG.md +++ b/go/ql/src/CHANGELOG.md @@ -1,3 +1,9 @@ +## 1.1.0 + +### Query Metadata Changes + +* The precision of the `go/incorrect-integer-conversion-query` query was decreased from `very-high` to `high`, since there is at least one known class of false positives involving dynamic bounds checking. + ## 1.0.8 No user-facing changes. diff --git a/go/ql/src/change-notes/2024-09-24-incorrect-integer-conversion-query-precision.md b/go/ql/src/change-notes/released/1.1.0.md similarity index 84% rename from go/ql/src/change-notes/2024-09-24-incorrect-integer-conversion-query-precision.md rename to go/ql/src/change-notes/released/1.1.0.md index b8acf46c9c5b..b29676add16e 100644 --- a/go/ql/src/change-notes/2024-09-24-incorrect-integer-conversion-query-precision.md +++ b/go/ql/src/change-notes/released/1.1.0.md @@ -1,4 +1,5 @@ ---- -category: queryMetadata ---- +## 1.1.0 + +### Query Metadata Changes + * The precision of the `go/incorrect-integer-conversion-query` query was decreased from `very-high` to `high`, since there is at least one known class of false positives involving dynamic bounds checking. diff --git a/go/ql/src/codeql-pack.release.yml b/go/ql/src/codeql-pack.release.yml index 5c55fbd52ed1..2ac15439f561 100644 --- a/go/ql/src/codeql-pack.release.yml +++ b/go/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.8 +lastReleaseVersion: 1.1.0 diff --git a/go/ql/src/qlpack.yml b/go/ql/src/qlpack.yml index cd5903f6d7f4..e783026f6cfd 100644 --- a/go/ql/src/qlpack.yml +++ b/go/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/go-queries -version: 1.0.9-dev +version: 1.1.0 groups: - go - queries diff --git a/java/ql/automodel/src/CHANGELOG.md b/java/ql/automodel/src/CHANGELOG.md index 0a51a6089138..4d632a2ae2d2 100644 --- a/java/ql/automodel/src/CHANGELOG.md +++ b/java/ql/automodel/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.9 + +No user-facing changes. + ## 1.0.8 No user-facing changes. diff --git a/java/ql/automodel/src/change-notes/released/1.0.9.md b/java/ql/automodel/src/change-notes/released/1.0.9.md new file mode 100644 index 000000000000..ee073f7ec16d --- /dev/null +++ b/java/ql/automodel/src/change-notes/released/1.0.9.md @@ -0,0 +1,3 @@ +## 1.0.9 + +No user-facing changes. diff --git a/java/ql/automodel/src/codeql-pack.release.yml b/java/ql/automodel/src/codeql-pack.release.yml index 5c55fbd52ed1..fb813c5ee050 100644 --- a/java/ql/automodel/src/codeql-pack.release.yml +++ b/java/ql/automodel/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.8 +lastReleaseVersion: 1.0.9 diff --git a/java/ql/automodel/src/qlpack.yml b/java/ql/automodel/src/qlpack.yml index 8e4863f23b81..1e1fdbb9f38d 100644 --- a/java/ql/automodel/src/qlpack.yml +++ b/java/ql/automodel/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/java-automodel-queries -version: 1.0.9-dev +version: 1.0.9 groups: - java - automodel diff --git a/java/ql/lib/CHANGELOG.md b/java/ql/lib/CHANGELOG.md index 418043171763..5441126d72c9 100644 --- a/java/ql/lib/CHANGELOG.md +++ b/java/ql/lib/CHANGELOG.md @@ -1,3 +1,17 @@ +## 4.1.0 + +### Deprecated APIs + +* The `Field.getSourceDeclaration()` predicate has been deprecated. The result was always the original field, so calls to it can simply be removed. +* The `Field.isSourceDeclaration()` predicate has been deprecated. It always holds. +* The `RefType.nestedName()` predicate has been deprecated, and `RefType.getNestedName()` added to replace it. +* The class `ThreatModelFlowSource` has been renamed to `ActiveThreatModelSource` to more clearly reflect it only contains the currently active threat model sources. `ThreatModelFlowSource` has been marked as deprecated. + +### New Features + +* The Java extractor and QL libraries now support Java 23. +* Kotlin versions up to 2.1.0\ *x* are now supported. + ## 4.0.0 ### Breaking Changes @@ -13,7 +27,7 @@ ### Major Analysis Improvements -* When a method exists as source code, we will no longer use a models-as-data (MaD) model of that method. This primarily affects query results when the analysis includes generated models for the source code being analysed. +* A generated (Models as Data) summary model is no longer used, if there exists a source code alternative. This primarily affects the analysis, when the analysis includes generated models for the source code being analysed. ## 3.0.2 diff --git a/java/ql/lib/change-notes/2024-09-10-ActiveThreatModelSource.md b/java/ql/lib/change-notes/2024-09-10-ActiveThreatModelSource.md deleted file mode 100644 index a51e3e1deaf0..000000000000 --- a/java/ql/lib/change-notes/2024-09-10-ActiveThreatModelSource.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: deprecated ---- -* The class `ThreatModelFlowSource` has been renamed to `ActiveThreatModelSource` to more clearly reflect it only contains the currently active threat model sources. `ThreatModelFlowSource` has been marked as deprecated. diff --git a/java/ql/lib/change-notes/2024-09-16-nestedName.md b/java/ql/lib/change-notes/2024-09-16-nestedName.md deleted file mode 100644 index 26e384e99da3..000000000000 --- a/java/ql/lib/change-notes/2024-09-16-nestedName.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: deprecated ---- -* The `RefType.nestedName()` predicate has been deprecated, and `RefType.getNestedName()` added to replace it. diff --git a/java/ql/lib/change-notes/2024-09-18-fields.md b/java/ql/lib/change-notes/2024-09-18-fields.md deleted file mode 100644 index d2367bf2b04e..000000000000 --- a/java/ql/lib/change-notes/2024-09-18-fields.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -category: deprecated ---- -* The `Field.getSourceDeclaration()` predicate has been deprecated. The result was always the original field, so calls to it can simply be removed. -* The `Field.isSourceDeclaration()` predicate has been deprecated. It always holds. diff --git a/java/ql/lib/change-notes/2024-09-20-kotlin-2.1.0.md b/java/ql/lib/change-notes/2024-09-20-kotlin-2.1.0.md deleted file mode 100644 index f9b19e63d320..000000000000 --- a/java/ql/lib/change-notes/2024-09-20-kotlin-2.1.0.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: feature ---- -* Kotlin versions up to 2.1.0\ *x* are now supported. diff --git a/java/ql/lib/change-notes/2024-09-25-java-23.md b/java/ql/lib/change-notes/2024-09-25-java-23.md deleted file mode 100644 index cc620c54d6e7..000000000000 --- a/java/ql/lib/change-notes/2024-09-25-java-23.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: feature ---- -* The Java extractor and QL libraries now support Java 23. diff --git a/java/ql/lib/change-notes/released/4.1.0.md b/java/ql/lib/change-notes/released/4.1.0.md new file mode 100644 index 000000000000..579567e1edd0 --- /dev/null +++ b/java/ql/lib/change-notes/released/4.1.0.md @@ -0,0 +1,13 @@ +## 4.1.0 + +### Deprecated APIs + +* The `Field.getSourceDeclaration()` predicate has been deprecated. The result was always the original field, so calls to it can simply be removed. +* The `Field.isSourceDeclaration()` predicate has been deprecated. It always holds. +* The `RefType.nestedName()` predicate has been deprecated, and `RefType.getNestedName()` added to replace it. +* The class `ThreatModelFlowSource` has been renamed to `ActiveThreatModelSource` to more clearly reflect it only contains the currently active threat model sources. `ThreatModelFlowSource` has been marked as deprecated. + +### New Features + +* The Java extractor and QL libraries now support Java 23. +* Kotlin versions up to 2.1.0\ *x* are now supported. diff --git a/java/ql/lib/codeql-pack.release.yml b/java/ql/lib/codeql-pack.release.yml index 49fe3eef6973..d5b1bf88d10e 100644 --- a/java/ql/lib/codeql-pack.release.yml +++ b/java/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 4.0.0 +lastReleaseVersion: 4.1.0 diff --git a/java/ql/lib/qlpack.yml b/java/ql/lib/qlpack.yml index 9189b611545b..9c69e18a30b8 100644 --- a/java/ql/lib/qlpack.yml +++ b/java/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/java-all -version: 4.0.1-dev +version: 4.1.0 groups: java dbscheme: config/semmlecode.dbscheme extractor: java diff --git a/java/ql/src/CHANGELOG.md b/java/ql/src/CHANGELOG.md index c33e27c7b655..20e7a248aebb 100644 --- a/java/ql/src/CHANGELOG.md +++ b/java/ql/src/CHANGELOG.md @@ -1,3 +1,9 @@ +## 1.1.6 + +### Minor Analysis Improvements + +* Added taint summary model for `org.springframework.core.io.InputStreamSource#getInputStream()`. + ## 1.1.5 No user-facing changes. diff --git a/java/ql/src/change-notes/2024-09-18-getInputStream-summary.md b/java/ql/src/change-notes/2024-09-18-getInputStream-summary.md deleted file mode 100644 index be8056173301..000000000000 --- a/java/ql/src/change-notes/2024-09-18-getInputStream-summary.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Added taint summary model for `org.springframework.core.io.InputStreamSource#getInputStream()`. \ No newline at end of file diff --git a/java/ql/src/change-notes/released/1.1.6.md b/java/ql/src/change-notes/released/1.1.6.md new file mode 100644 index 000000000000..dc156b8a5bea --- /dev/null +++ b/java/ql/src/change-notes/released/1.1.6.md @@ -0,0 +1,5 @@ +## 1.1.6 + +### Minor Analysis Improvements + +* Added taint summary model for `org.springframework.core.io.InputStreamSource#getInputStream()`. diff --git a/java/ql/src/codeql-pack.release.yml b/java/ql/src/codeql-pack.release.yml index df39a9de059d..9e712a00a21d 100644 --- a/java/ql/src/codeql-pack.release.yml +++ b/java/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.1.5 +lastReleaseVersion: 1.1.6 diff --git a/java/ql/src/qlpack.yml b/java/ql/src/qlpack.yml index 28de019af811..635ef97836fe 100644 --- a/java/ql/src/qlpack.yml +++ b/java/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/java-queries -version: 1.1.6-dev +version: 1.1.6 groups: - java - queries diff --git a/javascript/ql/lib/CHANGELOG.md b/javascript/ql/lib/CHANGELOG.md index 105414b5b37f..bb77b4f1f496 100644 --- a/javascript/ql/lib/CHANGELOG.md +++ b/javascript/ql/lib/CHANGELOG.md @@ -1,3 +1,7 @@ +## 2.0.1 + +No user-facing changes. + ## 2.0.0 ### Breaking Changes diff --git a/javascript/ql/lib/change-notes/released/2.0.1.md b/javascript/ql/lib/change-notes/released/2.0.1.md new file mode 100644 index 000000000000..b5b6d0dee915 --- /dev/null +++ b/javascript/ql/lib/change-notes/released/2.0.1.md @@ -0,0 +1,3 @@ +## 2.0.1 + +No user-facing changes. diff --git a/javascript/ql/lib/codeql-pack.release.yml b/javascript/ql/lib/codeql-pack.release.yml index 0abe6ccede0f..fe974a4dbf37 100644 --- a/javascript/ql/lib/codeql-pack.release.yml +++ b/javascript/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.0.0 +lastReleaseVersion: 2.0.1 diff --git a/javascript/ql/lib/qlpack.yml b/javascript/ql/lib/qlpack.yml index 6355ae8868a9..a93cb421a869 100644 --- a/javascript/ql/lib/qlpack.yml +++ b/javascript/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/javascript-all -version: 2.0.1-dev +version: 2.0.1 groups: javascript dbscheme: semmlecode.javascript.dbscheme extractor: javascript diff --git a/javascript/ql/src/CHANGELOG.md b/javascript/ql/src/CHANGELOG.md index e337a585f634..adf7daa3eb43 100644 --- a/javascript/ql/src/CHANGELOG.md +++ b/javascript/ql/src/CHANGELOG.md @@ -1,8 +1,12 @@ +## 1.2.1 + +No user-facing changes. + ## 1.2.0 ### Major Analysis Improvements -- Added a new query (`js/actions/actions-artifact-leak`) to detect GitHub Actions artifacts that may leak the `GITHUB_TOKEN` token. +- Added a new query (`js/actions/actions-artifact-leak`) to detect GitHub Actions artifacts that may leak the GITHUB_TOKEN token. ## 1.1.3 diff --git a/javascript/ql/src/change-notes/released/1.2.1.md b/javascript/ql/src/change-notes/released/1.2.1.md new file mode 100644 index 000000000000..67aaa1465fd7 --- /dev/null +++ b/javascript/ql/src/change-notes/released/1.2.1.md @@ -0,0 +1,3 @@ +## 1.2.1 + +No user-facing changes. diff --git a/javascript/ql/src/codeql-pack.release.yml b/javascript/ql/src/codeql-pack.release.yml index 75430e73d1c4..73dd403938c9 100644 --- a/javascript/ql/src/codeql-pack.release.yml +++ b/javascript/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.2.0 +lastReleaseVersion: 1.2.1 diff --git a/javascript/ql/src/qlpack.yml b/javascript/ql/src/qlpack.yml index 9b1f749b8ac4..49489696e79a 100644 --- a/javascript/ql/src/qlpack.yml +++ b/javascript/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/javascript-queries -version: 1.2.1-dev +version: 1.2.1 groups: - javascript - queries diff --git a/misc/suite-helpers/CHANGELOG.md b/misc/suite-helpers/CHANGELOG.md index 1d5d3b7b3869..729794553521 100644 --- a/misc/suite-helpers/CHANGELOG.md +++ b/misc/suite-helpers/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.9 + +No user-facing changes. + ## 1.0.8 No user-facing changes. diff --git a/misc/suite-helpers/change-notes/released/1.0.9.md b/misc/suite-helpers/change-notes/released/1.0.9.md new file mode 100644 index 000000000000..ee073f7ec16d --- /dev/null +++ b/misc/suite-helpers/change-notes/released/1.0.9.md @@ -0,0 +1,3 @@ +## 1.0.9 + +No user-facing changes. diff --git a/misc/suite-helpers/codeql-pack.release.yml b/misc/suite-helpers/codeql-pack.release.yml index 5c55fbd52ed1..fb813c5ee050 100644 --- a/misc/suite-helpers/codeql-pack.release.yml +++ b/misc/suite-helpers/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.8 +lastReleaseVersion: 1.0.9 diff --git a/misc/suite-helpers/qlpack.yml b/misc/suite-helpers/qlpack.yml index a349dd3c6d23..a4d970e31297 100644 --- a/misc/suite-helpers/qlpack.yml +++ b/misc/suite-helpers/qlpack.yml @@ -1,4 +1,4 @@ name: codeql/suite-helpers -version: 1.0.9-dev +version: 1.0.9 groups: shared warnOnImplicitThis: true diff --git a/python/ql/lib/CHANGELOG.md b/python/ql/lib/CHANGELOG.md index bd673aa9edc1..4cadb40bc2f5 100644 --- a/python/ql/lib/CHANGELOG.md +++ b/python/ql/lib/CHANGELOG.md @@ -1,3 +1,13 @@ +## 2.1.0 + +### New Features + +* Added support for custom threat-models, which can be used in most of our taint-tracking queries, see our [documentation](https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning#extending-codeql-coverage-with-threat-models) for more details. + +### Minor Analysis Improvements + +* The common sanitizer guard `StringConstCompareBarrier` has been renamed to `ConstCompareBarrier` and expanded to cover comparisons with other constant values such as `None`. This may result in fewer false positive results for several queries. + ## 2.0.0 ### Breaking Changes diff --git a/python/ql/lib/change-notes/2024-09-20-const-compare-gaurd.md b/python/ql/lib/change-notes/2024-09-20-const-compare-gaurd.md deleted file mode 100644 index 2adb7fa82a88..000000000000 --- a/python/ql/lib/change-notes/2024-09-20-const-compare-gaurd.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* The common sanitizer guard `StringConstCompareBarrier` has been renamed to `ConstCompareBarrier` and expanded to cover comparisons with other constant values such as `None`. This may result in fewer false positive results for several queries. \ No newline at end of file diff --git a/python/ql/lib/change-notes/2024-08-16-threat-models.md b/python/ql/lib/change-notes/released/2.1.0.md similarity index 52% rename from python/ql/lib/change-notes/2024-08-16-threat-models.md rename to python/ql/lib/change-notes/released/2.1.0.md index ba01e6f6fbda..e399bad51197 100644 --- a/python/ql/lib/change-notes/2024-08-16-threat-models.md +++ b/python/ql/lib/change-notes/released/2.1.0.md @@ -1,4 +1,9 @@ ---- -category: feature ---- +## 2.1.0 + +### New Features + * Added support for custom threat-models, which can be used in most of our taint-tracking queries, see our [documentation](https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning#extending-codeql-coverage-with-threat-models) for more details. + +### Minor Analysis Improvements + +* The common sanitizer guard `StringConstCompareBarrier` has been renamed to `ConstCompareBarrier` and expanded to cover comparisons with other constant values such as `None`. This may result in fewer false positive results for several queries. diff --git a/python/ql/lib/codeql-pack.release.yml b/python/ql/lib/codeql-pack.release.yml index 0abe6ccede0f..487a1a58b2b8 100644 --- a/python/ql/lib/codeql-pack.release.yml +++ b/python/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.0.0 +lastReleaseVersion: 2.1.0 diff --git a/python/ql/lib/qlpack.yml b/python/ql/lib/qlpack.yml index 5c71504afecc..316f7a1cc1e6 100644 --- a/python/ql/lib/qlpack.yml +++ b/python/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/python-all -version: 2.0.1-dev +version: 2.1.0 groups: python dbscheme: semmlecode.python.dbscheme extractor: python diff --git a/python/ql/src/CHANGELOG.md b/python/ql/src/CHANGELOG.md index 045938a0cde6..21c9ebcf16f9 100644 --- a/python/ql/src/CHANGELOG.md +++ b/python/ql/src/CHANGELOG.md @@ -1,3 +1,9 @@ +## 1.3.0 + +### New Queries + +* The `py/cors-misconfiguration-with-credentials` query, which finds insecure CORS middleware configurations. + ## 1.2.2 ### Minor Analysis Improvements diff --git a/python/ql/src/change-notes/2024-08-26-Cors-misconfiguration-middleware.md b/python/ql/src/change-notes/2024-08-26-Cors-misconfiguration-middleware.md deleted file mode 100644 index aa8bc7198b31..000000000000 --- a/python/ql/src/change-notes/2024-08-26-Cors-misconfiguration-middleware.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: newQuery ---- -* The `py/cors-misconfiguration-with-credentials` query, which finds insecure CORS middleware configurations. \ No newline at end of file diff --git a/python/ql/src/change-notes/released/1.3.0.md b/python/ql/src/change-notes/released/1.3.0.md new file mode 100644 index 000000000000..5679632843a0 --- /dev/null +++ b/python/ql/src/change-notes/released/1.3.0.md @@ -0,0 +1,5 @@ +## 1.3.0 + +### New Queries + +* The `py/cors-misconfiguration-with-credentials` query, which finds insecure CORS middleware configurations. diff --git a/python/ql/src/codeql-pack.release.yml b/python/ql/src/codeql-pack.release.yml index 0a70a9a01a7e..ec16350ed6fd 100644 --- a/python/ql/src/codeql-pack.release.yml +++ b/python/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.2.2 +lastReleaseVersion: 1.3.0 diff --git a/python/ql/src/qlpack.yml b/python/ql/src/qlpack.yml index 17a8639b4160..02c861d40e1d 100644 --- a/python/ql/src/qlpack.yml +++ b/python/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/python-queries -version: 1.2.3-dev +version: 1.3.0 groups: - python - queries diff --git a/ruby/ql/lib/CHANGELOG.md b/ruby/ql/lib/CHANGELOG.md index 160b3b2b6e73..59c058c1c45c 100644 --- a/ruby/ql/lib/CHANGELOG.md +++ b/ruby/ql/lib/CHANGELOG.md @@ -1,3 +1,7 @@ +## 2.0.1 + +No user-facing changes. + ## 2.0.0 ### Breaking Changes diff --git a/ruby/ql/lib/change-notes/released/2.0.1.md b/ruby/ql/lib/change-notes/released/2.0.1.md new file mode 100644 index 000000000000..b5b6d0dee915 --- /dev/null +++ b/ruby/ql/lib/change-notes/released/2.0.1.md @@ -0,0 +1,3 @@ +## 2.0.1 + +No user-facing changes. diff --git a/ruby/ql/lib/codeql-pack.release.yml b/ruby/ql/lib/codeql-pack.release.yml index 0abe6ccede0f..fe974a4dbf37 100644 --- a/ruby/ql/lib/codeql-pack.release.yml +++ b/ruby/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.0.0 +lastReleaseVersion: 2.0.1 diff --git a/ruby/ql/lib/qlpack.yml b/ruby/ql/lib/qlpack.yml index aa67854634a3..da808214ea50 100644 --- a/ruby/ql/lib/qlpack.yml +++ b/ruby/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ruby-all -version: 2.0.1-dev +version: 2.0.1 groups: ruby extractor: ruby dbscheme: ruby.dbscheme diff --git a/ruby/ql/src/CHANGELOG.md b/ruby/ql/src/CHANGELOG.md index 2598b88aa0bd..5e9c68a56a01 100644 --- a/ruby/ql/src/CHANGELOG.md +++ b/ruby/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.1.4 + +No user-facing changes. + ## 1.1.3 No user-facing changes. diff --git a/ruby/ql/src/change-notes/released/1.1.4.md b/ruby/ql/src/change-notes/released/1.1.4.md new file mode 100644 index 000000000000..b95051903c5a --- /dev/null +++ b/ruby/ql/src/change-notes/released/1.1.4.md @@ -0,0 +1,3 @@ +## 1.1.4 + +No user-facing changes. diff --git a/ruby/ql/src/codeql-pack.release.yml b/ruby/ql/src/codeql-pack.release.yml index 35e710ab1bf0..26cbcd3f123b 100644 --- a/ruby/ql/src/codeql-pack.release.yml +++ b/ruby/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.1.3 +lastReleaseVersion: 1.1.4 diff --git a/ruby/ql/src/qlpack.yml b/ruby/ql/src/qlpack.yml index 6fe83794b898..47651d248c01 100644 --- a/ruby/ql/src/qlpack.yml +++ b/ruby/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ruby-queries -version: 1.1.4-dev +version: 1.1.4 groups: - ruby - queries diff --git a/shared/controlflow/CHANGELOG.md b/shared/controlflow/CHANGELOG.md index 15a3aca14c62..52b731626290 100644 --- a/shared/controlflow/CHANGELOG.md +++ b/shared/controlflow/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.9 + +No user-facing changes. + ## 1.0.8 No user-facing changes. diff --git a/shared/controlflow/change-notes/released/1.0.9.md b/shared/controlflow/change-notes/released/1.0.9.md new file mode 100644 index 000000000000..ee073f7ec16d --- /dev/null +++ b/shared/controlflow/change-notes/released/1.0.9.md @@ -0,0 +1,3 @@ +## 1.0.9 + +No user-facing changes. diff --git a/shared/controlflow/codeql-pack.release.yml b/shared/controlflow/codeql-pack.release.yml index 5c55fbd52ed1..fb813c5ee050 100644 --- a/shared/controlflow/codeql-pack.release.yml +++ b/shared/controlflow/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.8 +lastReleaseVersion: 1.0.9 diff --git a/shared/controlflow/qlpack.yml b/shared/controlflow/qlpack.yml index 8e88b6d4da37..fc8bdde934d4 100644 --- a/shared/controlflow/qlpack.yml +++ b/shared/controlflow/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/controlflow -version: 1.0.9-dev +version: 1.0.9 groups: shared library: true dependencies: diff --git a/shared/dataflow/CHANGELOG.md b/shared/dataflow/CHANGELOG.md index 594e7e40d60e..360dc9cc8bff 100644 --- a/shared/dataflow/CHANGELOG.md +++ b/shared/dataflow/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.1.3 + +No user-facing changes. + ## 1.1.2 No user-facing changes. diff --git a/shared/dataflow/change-notes/released/1.1.3.md b/shared/dataflow/change-notes/released/1.1.3.md new file mode 100644 index 000000000000..e8f1701bd624 --- /dev/null +++ b/shared/dataflow/change-notes/released/1.1.3.md @@ -0,0 +1,3 @@ +## 1.1.3 + +No user-facing changes. diff --git a/shared/dataflow/codeql-pack.release.yml b/shared/dataflow/codeql-pack.release.yml index 53ab127707fc..35e710ab1bf0 100644 --- a/shared/dataflow/codeql-pack.release.yml +++ b/shared/dataflow/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.1.2 +lastReleaseVersion: 1.1.3 diff --git a/shared/dataflow/qlpack.yml b/shared/dataflow/qlpack.yml index 025663097319..2ad3f8bc73c0 100644 --- a/shared/dataflow/qlpack.yml +++ b/shared/dataflow/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/dataflow -version: 1.1.3-dev +version: 1.1.3 groups: shared library: true dependencies: diff --git a/shared/mad/CHANGELOG.md b/shared/mad/CHANGELOG.md index 74187f361120..7857f62905c7 100644 --- a/shared/mad/CHANGELOG.md +++ b/shared/mad/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.9 + +No user-facing changes. + ## 1.0.8 No user-facing changes. diff --git a/shared/mad/change-notes/released/1.0.9.md b/shared/mad/change-notes/released/1.0.9.md new file mode 100644 index 000000000000..ee073f7ec16d --- /dev/null +++ b/shared/mad/change-notes/released/1.0.9.md @@ -0,0 +1,3 @@ +## 1.0.9 + +No user-facing changes. diff --git a/shared/mad/codeql-pack.release.yml b/shared/mad/codeql-pack.release.yml index 5c55fbd52ed1..fb813c5ee050 100644 --- a/shared/mad/codeql-pack.release.yml +++ b/shared/mad/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.8 +lastReleaseVersion: 1.0.9 diff --git a/shared/mad/qlpack.yml b/shared/mad/qlpack.yml index e1bb442e4aee..ed0c1f7113c5 100644 --- a/shared/mad/qlpack.yml +++ b/shared/mad/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/mad -version: 1.0.9-dev +version: 1.0.9 groups: shared library: true dependencies: diff --git a/shared/rangeanalysis/CHANGELOG.md b/shared/rangeanalysis/CHANGELOG.md index 8a3b99e0bdf0..5878f9b564c0 100644 --- a/shared/rangeanalysis/CHANGELOG.md +++ b/shared/rangeanalysis/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.9 + +No user-facing changes. + ## 1.0.8 No user-facing changes. diff --git a/shared/rangeanalysis/change-notes/released/1.0.9.md b/shared/rangeanalysis/change-notes/released/1.0.9.md new file mode 100644 index 000000000000..ee073f7ec16d --- /dev/null +++ b/shared/rangeanalysis/change-notes/released/1.0.9.md @@ -0,0 +1,3 @@ +## 1.0.9 + +No user-facing changes. diff --git a/shared/rangeanalysis/codeql-pack.release.yml b/shared/rangeanalysis/codeql-pack.release.yml index 5c55fbd52ed1..fb813c5ee050 100644 --- a/shared/rangeanalysis/codeql-pack.release.yml +++ b/shared/rangeanalysis/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.8 +lastReleaseVersion: 1.0.9 diff --git a/shared/rangeanalysis/qlpack.yml b/shared/rangeanalysis/qlpack.yml index e443eea184f0..aaf1b1903576 100644 --- a/shared/rangeanalysis/qlpack.yml +++ b/shared/rangeanalysis/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/rangeanalysis -version: 1.0.9-dev +version: 1.0.9 groups: shared library: true dependencies: diff --git a/shared/regex/CHANGELOG.md b/shared/regex/CHANGELOG.md index f0b74ab2c7e4..01154f6c5f52 100644 --- a/shared/regex/CHANGELOG.md +++ b/shared/regex/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.9 + +No user-facing changes. + ## 1.0.8 No user-facing changes. diff --git a/shared/regex/change-notes/released/1.0.9.md b/shared/regex/change-notes/released/1.0.9.md new file mode 100644 index 000000000000..ee073f7ec16d --- /dev/null +++ b/shared/regex/change-notes/released/1.0.9.md @@ -0,0 +1,3 @@ +## 1.0.9 + +No user-facing changes. diff --git a/shared/regex/codeql-pack.release.yml b/shared/regex/codeql-pack.release.yml index 5c55fbd52ed1..fb813c5ee050 100644 --- a/shared/regex/codeql-pack.release.yml +++ b/shared/regex/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.8 +lastReleaseVersion: 1.0.9 diff --git a/shared/regex/qlpack.yml b/shared/regex/qlpack.yml index 56deb3800a17..d8b03f4ad2f5 100644 --- a/shared/regex/qlpack.yml +++ b/shared/regex/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/regex -version: 1.0.9-dev +version: 1.0.9 groups: shared library: true dependencies: diff --git a/shared/ssa/CHANGELOG.md b/shared/ssa/CHANGELOG.md index 8d36e2ab664a..85bef6a32845 100644 --- a/shared/ssa/CHANGELOG.md +++ b/shared/ssa/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.9 + +No user-facing changes. + ## 1.0.8 No user-facing changes. diff --git a/shared/ssa/change-notes/released/1.0.9.md b/shared/ssa/change-notes/released/1.0.9.md new file mode 100644 index 000000000000..ee073f7ec16d --- /dev/null +++ b/shared/ssa/change-notes/released/1.0.9.md @@ -0,0 +1,3 @@ +## 1.0.9 + +No user-facing changes. diff --git a/shared/ssa/codeql-pack.release.yml b/shared/ssa/codeql-pack.release.yml index 5c55fbd52ed1..fb813c5ee050 100644 --- a/shared/ssa/codeql-pack.release.yml +++ b/shared/ssa/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.8 +lastReleaseVersion: 1.0.9 diff --git a/shared/ssa/qlpack.yml b/shared/ssa/qlpack.yml index f412d56b9952..1bd2bea757b3 100644 --- a/shared/ssa/qlpack.yml +++ b/shared/ssa/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ssa -version: 1.0.9-dev +version: 1.0.9 groups: shared library: true dependencies: diff --git a/shared/threat-models/CHANGELOG.md b/shared/threat-models/CHANGELOG.md index 7e87aa463576..9589b67148fa 100644 --- a/shared/threat-models/CHANGELOG.md +++ b/shared/threat-models/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.9 + +No user-facing changes. + ## 1.0.8 No user-facing changes. diff --git a/shared/threat-models/change-notes/released/1.0.9.md b/shared/threat-models/change-notes/released/1.0.9.md new file mode 100644 index 000000000000..ee073f7ec16d --- /dev/null +++ b/shared/threat-models/change-notes/released/1.0.9.md @@ -0,0 +1,3 @@ +## 1.0.9 + +No user-facing changes. diff --git a/shared/threat-models/codeql-pack.release.yml b/shared/threat-models/codeql-pack.release.yml index 5c55fbd52ed1..fb813c5ee050 100644 --- a/shared/threat-models/codeql-pack.release.yml +++ b/shared/threat-models/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.8 +lastReleaseVersion: 1.0.9 diff --git a/shared/threat-models/qlpack.yml b/shared/threat-models/qlpack.yml index 0035335c6e3f..434466938b1c 100644 --- a/shared/threat-models/qlpack.yml +++ b/shared/threat-models/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/threat-models -version: 1.0.9-dev +version: 1.0.9 library: true groups: shared dataExtensions: diff --git a/shared/tutorial/CHANGELOG.md b/shared/tutorial/CHANGELOG.md index 93d06a2b74f3..ba77e020439d 100644 --- a/shared/tutorial/CHANGELOG.md +++ b/shared/tutorial/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.9 + +No user-facing changes. + ## 1.0.8 No user-facing changes. diff --git a/shared/tutorial/change-notes/released/1.0.9.md b/shared/tutorial/change-notes/released/1.0.9.md new file mode 100644 index 000000000000..ee073f7ec16d --- /dev/null +++ b/shared/tutorial/change-notes/released/1.0.9.md @@ -0,0 +1,3 @@ +## 1.0.9 + +No user-facing changes. diff --git a/shared/tutorial/codeql-pack.release.yml b/shared/tutorial/codeql-pack.release.yml index 5c55fbd52ed1..fb813c5ee050 100644 --- a/shared/tutorial/codeql-pack.release.yml +++ b/shared/tutorial/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.8 +lastReleaseVersion: 1.0.9 diff --git a/shared/tutorial/qlpack.yml b/shared/tutorial/qlpack.yml index 6f745d6c77e8..9a89b262a321 100644 --- a/shared/tutorial/qlpack.yml +++ b/shared/tutorial/qlpack.yml @@ -1,7 +1,7 @@ name: codeql/tutorial description: Library for the CodeQL detective tutorials, helping new users learn to write CodeQL queries. -version: 1.0.9-dev +version: 1.0.9 groups: shared library: true warnOnImplicitThis: true diff --git a/shared/typeflow/CHANGELOG.md b/shared/typeflow/CHANGELOG.md index de58be267d73..93c030dee3e4 100644 --- a/shared/typeflow/CHANGELOG.md +++ b/shared/typeflow/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.9 + +No user-facing changes. + ## 1.0.8 No user-facing changes. diff --git a/shared/typeflow/change-notes/released/1.0.9.md b/shared/typeflow/change-notes/released/1.0.9.md new file mode 100644 index 000000000000..ee073f7ec16d --- /dev/null +++ b/shared/typeflow/change-notes/released/1.0.9.md @@ -0,0 +1,3 @@ +## 1.0.9 + +No user-facing changes. diff --git a/shared/typeflow/codeql-pack.release.yml b/shared/typeflow/codeql-pack.release.yml index 5c55fbd52ed1..fb813c5ee050 100644 --- a/shared/typeflow/codeql-pack.release.yml +++ b/shared/typeflow/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.8 +lastReleaseVersion: 1.0.9 diff --git a/shared/typeflow/qlpack.yml b/shared/typeflow/qlpack.yml index 71d74cb3af5b..21b1ddbc9654 100644 --- a/shared/typeflow/qlpack.yml +++ b/shared/typeflow/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typeflow -version: 1.0.9-dev +version: 1.0.9 groups: shared library: true dependencies: diff --git a/shared/typetracking/CHANGELOG.md b/shared/typetracking/CHANGELOG.md index 0135f24d76b0..a4e57c221876 100644 --- a/shared/typetracking/CHANGELOG.md +++ b/shared/typetracking/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.9 + +No user-facing changes. + ## 1.0.8 No user-facing changes. diff --git a/shared/typetracking/change-notes/released/1.0.9.md b/shared/typetracking/change-notes/released/1.0.9.md new file mode 100644 index 000000000000..ee073f7ec16d --- /dev/null +++ b/shared/typetracking/change-notes/released/1.0.9.md @@ -0,0 +1,3 @@ +## 1.0.9 + +No user-facing changes. diff --git a/shared/typetracking/codeql-pack.release.yml b/shared/typetracking/codeql-pack.release.yml index 5c55fbd52ed1..fb813c5ee050 100644 --- a/shared/typetracking/codeql-pack.release.yml +++ b/shared/typetracking/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.8 +lastReleaseVersion: 1.0.9 diff --git a/shared/typetracking/qlpack.yml b/shared/typetracking/qlpack.yml index 3f61875e42fb..6f7282c54e9e 100644 --- a/shared/typetracking/qlpack.yml +++ b/shared/typetracking/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typetracking -version: 1.0.9-dev +version: 1.0.9 groups: shared library: true dependencies: diff --git a/shared/typos/CHANGELOG.md b/shared/typos/CHANGELOG.md index 415174b3b07d..acee82ce867b 100644 --- a/shared/typos/CHANGELOG.md +++ b/shared/typos/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.9 + +No user-facing changes. + ## 1.0.8 No user-facing changes. diff --git a/shared/typos/change-notes/released/1.0.9.md b/shared/typos/change-notes/released/1.0.9.md new file mode 100644 index 000000000000..ee073f7ec16d --- /dev/null +++ b/shared/typos/change-notes/released/1.0.9.md @@ -0,0 +1,3 @@ +## 1.0.9 + +No user-facing changes. diff --git a/shared/typos/codeql-pack.release.yml b/shared/typos/codeql-pack.release.yml index 5c55fbd52ed1..fb813c5ee050 100644 --- a/shared/typos/codeql-pack.release.yml +++ b/shared/typos/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.8 +lastReleaseVersion: 1.0.9 diff --git a/shared/typos/qlpack.yml b/shared/typos/qlpack.yml index 4df1e7c6e6a6..3e644f92d6d1 100644 --- a/shared/typos/qlpack.yml +++ b/shared/typos/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typos -version: 1.0.9-dev +version: 1.0.9 groups: shared library: true warnOnImplicitThis: true diff --git a/shared/util/CHANGELOG.md b/shared/util/CHANGELOG.md index 5213509f1c7b..2f918fd0416f 100644 --- a/shared/util/CHANGELOG.md +++ b/shared/util/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.9 + +No user-facing changes. + ## 1.0.8 No user-facing changes. diff --git a/shared/util/change-notes/released/1.0.9.md b/shared/util/change-notes/released/1.0.9.md new file mode 100644 index 000000000000..ee073f7ec16d --- /dev/null +++ b/shared/util/change-notes/released/1.0.9.md @@ -0,0 +1,3 @@ +## 1.0.9 + +No user-facing changes. diff --git a/shared/util/codeql-pack.release.yml b/shared/util/codeql-pack.release.yml index 5c55fbd52ed1..fb813c5ee050 100644 --- a/shared/util/codeql-pack.release.yml +++ b/shared/util/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.8 +lastReleaseVersion: 1.0.9 diff --git a/shared/util/qlpack.yml b/shared/util/qlpack.yml index 2e46755f89fe..ab191310e567 100644 --- a/shared/util/qlpack.yml +++ b/shared/util/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/util -version: 1.0.9-dev +version: 1.0.9 groups: shared library: true dependencies: null diff --git a/shared/xml/CHANGELOG.md b/shared/xml/CHANGELOG.md index e776ce85b589..90afd761e7d4 100644 --- a/shared/xml/CHANGELOG.md +++ b/shared/xml/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.9 + +No user-facing changes. + ## 1.0.8 No user-facing changes. diff --git a/shared/xml/change-notes/released/1.0.9.md b/shared/xml/change-notes/released/1.0.9.md new file mode 100644 index 000000000000..ee073f7ec16d --- /dev/null +++ b/shared/xml/change-notes/released/1.0.9.md @@ -0,0 +1,3 @@ +## 1.0.9 + +No user-facing changes. diff --git a/shared/xml/codeql-pack.release.yml b/shared/xml/codeql-pack.release.yml index 5c55fbd52ed1..fb813c5ee050 100644 --- a/shared/xml/codeql-pack.release.yml +++ b/shared/xml/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.8 +lastReleaseVersion: 1.0.9 diff --git a/shared/xml/qlpack.yml b/shared/xml/qlpack.yml index 50b2e44a4b77..f43260879fb6 100644 --- a/shared/xml/qlpack.yml +++ b/shared/xml/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/xml -version: 1.0.9-dev +version: 1.0.9 groups: shared library: true dependencies: diff --git a/shared/yaml/CHANGELOG.md b/shared/yaml/CHANGELOG.md index 3b774c7dc4c7..222c0ec037c6 100644 --- a/shared/yaml/CHANGELOG.md +++ b/shared/yaml/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.9 + +No user-facing changes. + ## 1.0.8 No user-facing changes. diff --git a/shared/yaml/change-notes/released/1.0.9.md b/shared/yaml/change-notes/released/1.0.9.md new file mode 100644 index 000000000000..ee073f7ec16d --- /dev/null +++ b/shared/yaml/change-notes/released/1.0.9.md @@ -0,0 +1,3 @@ +## 1.0.9 + +No user-facing changes. diff --git a/shared/yaml/codeql-pack.release.yml b/shared/yaml/codeql-pack.release.yml index 5c55fbd52ed1..fb813c5ee050 100644 --- a/shared/yaml/codeql-pack.release.yml +++ b/shared/yaml/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.8 +lastReleaseVersion: 1.0.9 diff --git a/shared/yaml/qlpack.yml b/shared/yaml/qlpack.yml index 4fa80cf5c0c9..4a63da564e55 100644 --- a/shared/yaml/qlpack.yml +++ b/shared/yaml/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/yaml -version: 1.0.9-dev +version: 1.0.9 groups: shared library: true warnOnImplicitThis: true diff --git a/swift/ql/lib/CHANGELOG.md b/swift/ql/lib/CHANGELOG.md index 07ce1b3e9dee..5602ebc7d231 100644 --- a/swift/ql/lib/CHANGELOG.md +++ b/swift/ql/lib/CHANGELOG.md @@ -1,3 +1,9 @@ +## 2.0.1 + +### Minor Analysis Improvements + +* All AST classes in `codeql.swift.elements` are now `final`, which means that it is no longer possible to `override` predicates defined in those classes (it is, however, still possible to `extend` the classes). + ## 2.0.0 ### Breaking Changes diff --git a/swift/ql/lib/change-notes/2024-09-16-final-classes.md b/swift/ql/lib/change-notes/released/2.0.1.md similarity index 83% rename from swift/ql/lib/change-notes/2024-09-16-final-classes.md rename to swift/ql/lib/change-notes/released/2.0.1.md index 32f46efd9796..ea35dc1370bd 100644 --- a/swift/ql/lib/change-notes/2024-09-16-final-classes.md +++ b/swift/ql/lib/change-notes/released/2.0.1.md @@ -1,4 +1,5 @@ ---- -category: minorAnalysis ---- +## 2.0.1 + +### Minor Analysis Improvements + * All AST classes in `codeql.swift.elements` are now `final`, which means that it is no longer possible to `override` predicates defined in those classes (it is, however, still possible to `extend` the classes). diff --git a/swift/ql/lib/codeql-pack.release.yml b/swift/ql/lib/codeql-pack.release.yml index 0abe6ccede0f..fe974a4dbf37 100644 --- a/swift/ql/lib/codeql-pack.release.yml +++ b/swift/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.0.0 +lastReleaseVersion: 2.0.1 diff --git a/swift/ql/lib/qlpack.yml b/swift/ql/lib/qlpack.yml index dac64ed9ea91..dd1896b3c291 100644 --- a/swift/ql/lib/qlpack.yml +++ b/swift/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/swift-all -version: 2.0.1-dev +version: 2.0.1 groups: swift extractor: swift dbscheme: swift.dbscheme diff --git a/swift/ql/src/CHANGELOG.md b/swift/ql/src/CHANGELOG.md index 6e8b43032bde..b47f96f9eb9e 100644 --- a/swift/ql/src/CHANGELOG.md +++ b/swift/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.9 + +No user-facing changes. + ## 1.0.8 No user-facing changes. diff --git a/swift/ql/src/change-notes/released/1.0.9.md b/swift/ql/src/change-notes/released/1.0.9.md new file mode 100644 index 000000000000..ee073f7ec16d --- /dev/null +++ b/swift/ql/src/change-notes/released/1.0.9.md @@ -0,0 +1,3 @@ +## 1.0.9 + +No user-facing changes. diff --git a/swift/ql/src/codeql-pack.release.yml b/swift/ql/src/codeql-pack.release.yml index 5c55fbd52ed1..fb813c5ee050 100644 --- a/swift/ql/src/codeql-pack.release.yml +++ b/swift/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.8 +lastReleaseVersion: 1.0.9 diff --git a/swift/ql/src/qlpack.yml b/swift/ql/src/qlpack.yml index ff1a0b18e740..8f33acf16a69 100644 --- a/swift/ql/src/qlpack.yml +++ b/swift/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/swift-queries -version: 1.0.9-dev +version: 1.0.9 groups: - swift - queries